﻿<%@ Page Language="C#" %>

<%@ Import Namespace="System.Web.Services" %>
<%
    /*
    <copyright project="AsynchronousSessionAuditor" file="FormsAuthenticated.aspx" company="Sky Sanders">
        This source is a Public Domain Dedication. 
        http://spikes.codeplex.com
        Attribution is appreciated.
    </copyright> 

     */
%>

<script runat="server">
    [WebMethod()]
    public static void DoSomething()
    {
        // doing something
    }
    
</script>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
    <link href="Demo.css" rel="stylesheet" type="text/css" />

    <script src="AsynchronousSessionAuditor.js" type="text/javascript"></script>

    <script type="text/javascript">

        function reportStatus(value) {
            /// <summary>
            /// In a typical session/ticket lifetime you might display a warning at T-5 minutes that the session 
            /// is expiring and require an action.
            /// </summary>

            document.getElementById("sessionTimeout").innerHTML = "Auth ticket expires  in "
                + parseInt((new Date(parseFloat(value)) - new Date()) / 1000) + " seconds.";
        }

        function init() {
            // default is 60 seconds. Our session is only 1 minute so lets get crazy and poll every second
            AsynchronousSessionAuditor.pollingInterval = 1000;
            AsynchronousSessionAuditor.init(AsynchronousSessionAuditor.formsAuthAuditKey, reportStatus);
        }
        
    </script>

</head>
<body onload="init()">
    <form id="form1" runat="server">
    <div>
        <div>
            <asp:LoginName ID="LoginName1" runat="server" />
            <asp:LoginStatus ID="LoginStatus1" runat="server" />
        </div>
        <h3>
            FormsAuthentication Asynchronous Session Management Demo</h3>
        <div class="style1">
            <p>
                Author: <a href="http://skysanders.net/subtext">Sky Sanders</a> Source @ <a href="http://spikes.codeplex.com">
                    http://spikes.codeplex.com</a></p>
        </div>
        &nbsp;<div id="sessionTimeout" class="timeout">
        </div>
        <div class="style1">
            <p>
                For this demo, the FormsAuthentication timeout is set to 1 minute and our polling
                interval is 1 second.
            </p>
            <p>
                In a real work scenario, you would might have a default 20 minute session and poll
                at 60 second intervals.
            </p>
            <p>
                At t-5 minutes you might display a modal dialog requiring user input to either continue
                the session or abandon and logout.
            </p>
            <p>
                If the user is just not there and does not respond by t-1 minute simply redirect
                and/or log them out.</p>
            <p>
                <br />
                The key idea here is to be in proactive control of the session so as to ensure functionality,
                especially for async client scripts. <b>YOU should abandon the session, the session
                    should not abandon you.</b><br />
                <br />
                Use the links below to manipulate the session and observe/confirm the behavior of
                this strategy.</p>
            <p>
                Something you may notice when &#39;bumping&#39; the session on a Forms ticket: It
                doesn&#39;t seem to do anything. That is because default for <a href="http://msdn.microsoft.com/en-us/library/1d3t3c61.aspx"
                    target="_blank">Forms Auth</a> is sliding expiration.</p>
            <p>
                The ticket is only renewed if the timeout interval is half elapsed. In other words,
                it does not keep issuing new tickets every request, only after the session is half
                over.</p>
            <p>
                Try bumping @ 20 sec.</p>
        </div>
        <p>
            <a href="#" onclick="callScriptMethod('FormsAuthenticated.aspx/DoSomething');return false;">
                bump session with an ajax call</a>&nbsp;&nbsp;&nbsp; <span class="style1">this call
                    represents the behavior of all JSON requests, PageMethods, ScriptMethods and Ajax
                    enabled WCF&nbsp; endpoints.</span></p>
        <p>
            <a href="FormsAuthenticated.aspx">bump session with a page cycle</a> &nbsp;&nbsp;<i>tip:
            </i><span class="style1">open this link in a new tab or window and notice syncronization.
                At 20 seconds, bump the session on one and watch the rest.</span></p>
        <p>
            <a href="Default.aspx?loggedout=true">Eject yourself and examine status</a></p>
    </div>
    </form>
</body>
</html>
